I am a Security Researcher in the Application Security Operation Center of the Global Security Operations of Amadeus IT Group. My domains of interest and expertise are Network and Application Security.

Prior to this position, I was a Ph.D. researcher in Digital Security enrolled at the Sorbonne Université. I worked on my research project in the Digital Security Department of EURECOM and Amadeus IT Group, under the supervision of Prof. Marc Dacier (KAUST) and Dr. Olivier Thonnard (Amadeus IT Group). I officially defended my Ph.D. thesis, titled “Detecting and Mitigating the New Generation of Scraping Bots”, in November 2023. In the spring of 2022 and 2023, I was a visiting researcher at the Resilient Computing and Cybersecurity Center (RC3), Saudi Arabia.

My recent research has delved into Residential IP proxies, commonly employed for bot traffic. After an in-depth examination of this proxy ecosystem and the development of novel server-side methods for detecting such requests, our attention has shifted toward identifying the geolocation of malicious actors leveraging these services thanks to network measurements.

Additionally, we are investigating techniques to recognize instances where bots redirect CAPTCHAs to CAPTCHA Farms. These farms, both virtual and physical, involve individuals being paid to swiftly solve these tests and provide the corresponding answers to bots for timely submission. In this way, bots can mimic real users solving times for CAPTCHAs.

Finally, our exploration extends to leverage machine learning models and deceptive strategies to improve the identification and mitigation of bot traffic.

I am always more than happy to discuss our work, if you have any feedback please do not hesitate to contact me at elisa.chiapponi@amadeus.com :)

Outside of work, I am passionate about cooking, volunteering (Global Shapers Nice, Helping Hands), hiking, indoor and outdoor climbing. I also love traveling, listening to true-crime podcasts and dancing Balfolk.